What We'll Bring:
At TransUnion, we have a welcoming and energetic environment that encourages collaboration and innovation - we're consistently exploring new technologies and tools to be agile. This environment gives our people the opportunity to hone current skills and build new capabilities, while discovering their genius.
Come be a part of our Information Security team - you'll work with great people, pioneering products and cutting-edge technology.
As the Lead WAF Engineer at TransUnion, you will be a part of our Network Security team to implement & improve WAF security posture which is key to meeting and providing the robust security for web based applications. You will have opportunity to contribute to technology modernization by moving network visibility tools to a variety of cloud solutions like AWS, Azure, Google Cloud and alike. This is a great opportunity to leverage your programming experience in security domain.What You'll Bring:
- Lead global architecture and deployment of Web Application Firewalls (WAF) working in close conjunction with security architecture, vendors and internal stakeholders.
- Contribute to global strategy work for WAF and process of onboarding of applications behind WAF.
- Develop, maintain, test and troubleshoot WAF policies and rule sets globally. Monitors systems activities and fine tunes system parameters and configuration to optimize performance and ensure security of systems.
- Respond to WAF events and develop incident response plans.
- Perform hardware capacity planning, review and respond to WAF alerts, onboard new apps to WAF, optimize policies, lead/conduct upgrades, integrate with monitoring/alerting tools and troubleshoot issues.
- Act as an escalation point for the WAF team to assist and advice on issues associated with WAF. Provide Tier 3 engineering support as needed.
- Agile project planning & delivery.
We'd love to see:
- Strong understanding of on premise and cloud based Web Application Firewall Technologies. Extensive experience in CloudFlare technology & global implementation.
- Experience with security programming using REST API's and automation & scripting using PERL, Python, Ruby or Ansible.
- Strong DevOps experience & Cloud certification (AWS, Azure)
- Ability to improve effectiveness in incident response practices. Be a champion of continuous improvement initiatives.
- Install and tests new hardware and software releases. Evaluate and install patches, perform system upgrades and resolves security issues.
- Knowledge of information security concepts, OWASP web application vulnerabilities and web-based attacks.
- Good understanding of Linux or Cent OS command structure and experience creating shell scripts.
- In-depth understanding of communication protocols (mainly TCP/IP) and routing protocols (e.g. BGP, OSPF). Expertize in networking firewall concepts and configuration
- Knowledge and ability to support infrastructure, cloud security engineering & automation initiatives.
- Strong background in implementing and maintaining event management best practices.
- Ability to ensure the adoption and governance of standard operating procedures.
- Able to conduct research and support development of information security policies, standards, procedures, and/or guidelines.
- Good working knowledge of information security risk identification, assessment and reporting activities.
- Support business continuity risk management and disaster recovery planning activities.
- Adept at security monitoring, and investigation activities.
- Provider tier 3 support as needed.
- Ability to demonstrate technical knowledge and consultative skills. Strong communication skills.
- Bachelor's degree in Computer Science or Information Technology.
Impact You'll Make:
- 5+ years of networking experience, including configuring, analyzing & troubleshooting complex TCP/IP networks.
- 2+ years of working in a Security Operations Center (SOC).
- 2+ years of tier 3 network & WAF support experience.
- 2+ years of experience working on projects with agile methodologies.
- 2+ years of experience with cloud technologies like AWS, Azure, Google Cloud Platform.
- Experience with cloud automation in security domain.
- In the first 90 days - Ramp up to project specifics and contribute to new WAF deployments and troubleshooting issues by closely with technical leads. Participate in solution architecture to move WAF tools to the cloud.
- Beyond 90 days - Effectively perform WAF deployments independently across TU regions with support from local resources. Participate in Tier 3 support activities and BAU as needed.
During the COVID-19 pandemic, TransUnion has several safety protocols in place to protect associates, customers, and visitors. You may be required to be fully vaccinated against COVID-19 as a condition of employment and/or to participate in certain work-related activities. Exemption is available to qualified candidates as a reasonable accommodation. Benefits:
We're supported by flexible benefits that not only cover us but our families. We offer a variety of benefit plans and options that vary by region, country and location.
Some highlights that apply to our U.S. associates include:
- Flexible time off for exempt associates
- Tuition reimbursement
- Paid parental leave
- Adoption assistance
- Infertility coverage
- Spousal and domestic partner benefits
- Charity gift matching
- Employee stock purchase plan
- Retirement contributions
- ... and more
We are committed to being a place where diversity is not only present, it is embraced. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, veteran status, marital status, citizenship status, sexual orientation, gender identity or any other characteristic protected by law.During the COVID-19 pandemic, TransUnion has several safety protocols in place to protect associates, customers, and visitors. You may be required to be fully vaccinated against COVID-19 as a condition of employment and/or to participate in certain work-related activities. Exemption is available to qualified candidates as a reasonable accommodation.
TransUnion's Internal Job Title:
Lead Engineer, Info Sec Engineering